<?
require_once("header.misc.php");

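/**
 * One row of the `people` table plus the group, menu and page-access lookups built on it.
 *
 * All SQL here is assembled by string concatenation for the legacy mysql_*
 * extension, so every value placed inside a quoted literal goes through
 * mysql_real_escape_string() first (sqlId() does this for the record id).
 *
 * NOTE(review): mysql_real_escape_string() depends on the connection character
 * set; confirm that connectToDB() (defined outside this class) sets it with
 * mysql_set_charset(). The mysql_* extension itself was removed in PHP 7, and
 * moving to prepared statements needs connectToDB() changed as well.
 *
 * None of the mutating methods checks who is calling them; authorising the
 * request is left to the caller.
 */
class Person {
	
	public $firstname;
	public $lastname;
	public $middlename;
	// people_id as read from the database; null when the constructor loaded nothing.
	public $id;
	public $username;
	// List of people_type_name strings; stays null when no type row was found.
	public $type;
	// Raw people_password column value (changePassword() writes an SHA-1 digest there).
	// It is a public property, so keep Person objects out of debug dumps and logs.
	public $password;
	public $active;
	
	/**
	 * Loads the person with the given id.
	 *
	 * A non-numeric $id leaves every property null. A numeric id that matches
	 * no row (or a failed query) leaves the fields null and $active false.
	 *
	 * @param mixed $id people_id to load
	 */
	public function __construct($id) {
		if(!is_numeric($id)) {
			return;
		}
		connectToDB();
		$data=mysql_query("SELECT * FROM `people` WHERE `people_id`='" . mysql_real_escape_string($id) . "'");
		$info=($data ? mysql_fetch_array($data) : false);
		if(!$info) {
			// Nothing to copy: do not read offsets from a failed fetch.
			$this->active=false;
			return;
		}
		$this->firstname=$info['people_firstname'];
		$this->lastname=$info['people_lastname'];
		$this->middlename=$info['people_middlename'];
		$this->id=$info['people_id'];
		$this->username=$info['people_username'];
		$this->password=$info['people_password'];
		$this->active=($info['people_active']==1 ? true : false);
		// The type id comes from the database, but it is escaped like any other value
		// so a malformed stored value cannot alter the statement.
		$data=mysql_query("SELECT * FROM `people_type` WHERE `people_type_id`='" . mysql_real_escape_string($info['people_type_id']) . "'");
		if(!$data) {
			return;
		}
		while($row=mysql_fetch_array($data)) {
			$this->type[]=$row['people_type_name'];
		}
	}
	
	/**
	 * Returns $this->id escaped for use inside a quoted SQL literal.
	 *
	 * $id is a public property, so it may have been reassigned after
	 * construction; escaping at the point of use keeps every statement
	 * well-formed regardless. Call connectToDB() before this.
	 *
	 * @return string
	 */
	private function sqlId() {
		return mysql_real_escape_string((string)$this->id);
	}
	
	/**
	 * Sends the last database error, if any, to the PHP error log.
	 *
	 * The original code echoed mysql_error() into the response, which exposes
	 * table and column names to whoever is viewing the page.
	 *
	 * @param string $where method name used as the log prefix
	 */
	private function logDbError($where) {
		$error=mysql_error();
		if($error!="") {
			error_log("Person::" . $where . ": " . $error);
		}
	}
	
	/**
	 * Returns the advisory_id of the first advisory linked to this person.
	 *
	 * @return mixed advisory_id, or false when the query fails or finds no row
	 */
	public function myAdvisory() {
		connectToDB();
		$awesome = mysql_query("SELECT advisory.* FROM `advisory` JOIN `advisory_linker` ON advisory_linker.advisory_id=advisory.advisory_id WHERE advisory_linker.people_id='" . $this->sqlId() . "'");
		if(!$awesome) {
			return false;
		}
		if(mysql_num_rows($awesome)<1) {
			return false;
		}
		$awesome=mysql_fetch_array($awesome);
		return $awesome['advisory_id'];
	}
	
	/**
	 * Replaces this person's access override for one page.
	 *
	 * The existing override row is always deleted. A new row is written only
	 * when $access is "0" (deny) or "1" (allow); any other value just clears
	 * the override. The original INSERT did not set access_values_value, so
	 * the stored value was whatever the column default is and "0" and "1"
	 * were indistinguishable to canAccessPage_id(); the value is now stored.
	 *
	 * Example call site kept from the original source:
	 * $group->changeAccess($_POST['page'],$_POST['access']);
	 * Both arguments may therefore be request data; the caller must check that
	 * the current user is allowed to change access before calling this.
	 *
	 * @param mixed $page   page_id
	 * @param mixed $access "0", "1", or anything else to clear the override
	 */
	public function changeAccess($page,$access) {
		connectToDB();
		$pageSql=mysql_real_escape_string($page);
		$idSql=$this->sqlId();
		mysql_query("DELETE FROM `access_values` WHERE page_id='" . $pageSql . "' AND people_id='" . $idSql . "'");
		if($access!="0" AND $access!="1") {
			return;
		}
		// Only a fixed literal reaches the statement, never the caller's string.
		$value=($access=="1" ? "1" : "0");
		mysql_query("INSERT INTO `access_values` (`page_id`,`people_id`,`access_values_value`) VALUES ('" . $pageSql . "','" . $idSql . "','" . $value . "')");
	}
	
	/**
	 * Marks the account active in the database and on this object.
	 */
	public function enableAccount() {
		connectToDB();
		mysql_query("UPDATE `people` SET `people_active`='1' WHERE `people_id`='" . $this->sqlId() . "'");
		$this->active=true;
	}
	
	/**
	 * Marks the account inactive in the database and on this object.
	 */
	public function disableAccount() {
		connectToDB();
		mysql_query("UPDATE `people` SET `people_active`='0' WHERE `people_id`='" . $this->sqlId() . "'");
		$this->active=false;
	}
	
	/**
	 * Updates first and last name, then re-reads them from the database.
	 *
	 * Database errors go to the error log instead of the response body.
	 *
	 * @param string $first
	 * @param string $last
	 */
	public function changeName($first,$last) {
		connectToDB();
		mysql_query("UPDATE `people` SET people_firstname='" . mysql_real_escape_string($first) . "', people_lastname='" . mysql_real_escape_string($last) . "' WHERE people_id='" . $this->sqlId() . "'");
		$this->logDbError('changeName');
		// NOTE(review): second connectToDB() kept from the original; presumably redundant, confirm.
		connectToDB();
		$data=mysql_query("SELECT * FROM `people` WHERE `people_id`='" . $this->sqlId() . "'");
		$info=($data ? mysql_fetch_array($data) : false);
		if($info) {
			$this->firstname=$info['people_firstname'];
			$this->lastname=$info['people_lastname'];
		}
		$this->logDbError('changeName');
	}
	
	/**
	 * Stores a new password for this person.
	 *
	 * NOTE(review): the password is stored as an unsalted SHA-1 digest computed
	 * inside the SQL statement, so the plaintext is part of the query text and
	 * would appear in any query log. SHA-1 is not a password hashing function.
	 * Moving to password_hash()/password_verify() also requires changing the
	 * login check, which is not in this class, so the format is unchanged here.
	 *
	 * @param string $newpass plaintext password
	 */
	public function changePassword($newpass) {
		connectToDB();
		mysql_query("UPDATE `people` SET people_password=sha1('" . mysql_real_escape_string($newpass) . "') WHERE people_id='" . $this->sqlId() . "'");
	}
	
	/**
	 * Returns the groups this person belongs to, keyed by people_group_name.
	 *
	 * @param bool $all when false, the group with people_group_id 2 is left out
	 * @return array group name => people_group row; empty when the query fails
	 */
	public function getGroupList($all=false) {
		// The original relied on a connection opened earlier; open it explicitly like every other method.
		connectToDB();
		$where="";
		if(!$all) {
			$where = " AND people_group.people_group_id!='2'";
		}
		$query="SELECT people_group.* FROM `people_group` JOIN people_in_group ON people_in_group.people_group_id=people_group.people_group_id JOIN people ON people.people_id=people_in_group.people_id WHERE people.people_id='" . $this->sqlId() . "'" . $where;
		$newdata = mysql_query($query);
		$awesome=array();
		if(!$newdata) {
			return $awesome;
		}
		while($data = mysql_fetch_array($newdata)) {
			$awesome[$data['people_group_name']]=$data;
		}
		return $awesome;
	}
	
	/**
	 * Tells whether this person is a member of a group.
	 *
	 * @param mixed $gid numeric people_group_id, or a group name resolved with getGidByName()
	 * @return bool false also when the name does not resolve or the query fails
	 */
	public function isInGroup($gid) {
		connectToDB();
		if(!is_numeric($gid)) {
			$gid=getGidByName($gid);
		}
		if(!$gid) {
			return false;
		}
		$rawdata=mysql_query("SELECT * FROM `people_in_group` WHERE `people_id`='" . $this->sqlId() . "' AND `people_group_id`='" . mysql_real_escape_string($gid) . "'");
		if(!$rawdata) {
			// A failed membership lookup must not be read as membership.
			return false;
		}
		return (mysql_num_rows($rawdata)>0);
	}
	
	/**
	 * Adds this person to a group unless already a member.
	 *
	 * The original returned nothing after a fresh insert; the result of the
	 * INSERT is now reported so all paths return a boolean.
	 *
	 * @param mixed $gid numeric people_group_id, or a group name
	 * @return bool true when the person is (now) in the group
	 */
	public function addToGroup($gid) {
		connectToDB();
		if($this->isInGroup($gid)) {
			return true;
		}
		if(!is_numeric($gid)) {
			$gid=getGidByName($gid);
		}
		if(!$gid) {
			return false;
		}
		$ok=mysql_query("INSERT INTO `people_in_group` (`people_id`,`people_group_id`) VALUES ('" . $this->sqlId() . "','" . mysql_real_escape_string($gid) . "')");
		$this->logDbError('addToGroup');
		return ($ok ? true : false);
	}
	
	/**
	 * Removes this person from a group.
	 *
	 * Group names are resolved the same way isInGroup() and addToGroup()
	 * resolve them; a name that does not resolve removes nothing.
	 *
	 * @param mixed $gid numeric people_group_id, or a group name
	 */
	public function removeFromGroup($gid) {
		connectToDB();
		if(!is_numeric($gid)) {
			$gid=getGidByName($gid);
			if(!$gid) {
				return;
			}
		}
		mysql_query("DELETE FROM `people_in_group` WHERE `people_id`='" . $this->sqlId() . "' AND `people_group_id`='" . mysql_real_escape_string($gid) . "'");
	}
	
	/**
	 * Changes the stored username. The $username property is not refreshed.
	 *
	 * @param string $newusername
	 */
	public function changeUsername($newusername) {
		connectToDB();
		mysql_query("UPDATE `people` SET `people_username`='" . mysql_real_escape_string($newusername) . "' WHERE people_id='" . $this->sqlId() . "'");
	}
	
	/**
	 * Builds the menu for this person from the menus of their groups.
	 *
	 * Only pages that pass canAccessPage_id() are included.
	 *
	 * @return array page_name => page_script, in menu_id order; empty when
	 *               nothing is accessible (the original returned an undefined variable)
	 */
	public function getMyMenu() {
		connectToDB();
		$returnmenu=array();
		$query="SELECT page.* FROM page JOIN menu ON menu.page_id=page.page_id JOIN people_group ON people_group.people_group_id=menu.people_group_id JOIN people_in_group ON people_in_group.people_group_id=people_group.people_group_id WHERE people_in_group.people_id='" . $this->sqlId() . "' ORDER BY menu.menu_id";
		$rawmenu=mysql_query($query);
		if(!$rawmenu) {
			return $returnmenu;
		}
		while($menu=mysql_fetch_array($rawmenu)) {
			if($this->canAccessPage_id($menu['page_id'])) {
				$returnmenu[$menu['page_name']]=$menu['page_script'];
			}
		}
		return $returnmenu;
	}
	
	/**
	 * Decides whether this person may access a page.
	 *
	 * Three levels are consulted in order and the first one that has a row
	 * decides: the per-person override (access_values), the group setting
	 * (people_group_access), then the page default (page.page_access).
	 * Access is denied when no level has a row.
	 *
	 * A failed query at any level now denies access. Previously a failed
	 * lookup fell through to the next level, so a broken per-person query
	 * could let a group or page default override an explicit denial.
	 *
	 * NOTE(review): the group query has no ORDER BY and only its first row is
	 * read, so for a person in several groups with different settings the
	 * database decides which one wins.
	 *
	 * @param mixed $pagename despite the name, this is compared against page_id
	 * @return bool
	 */
	public function canAccessPage_id($pagename) {
		connectToDB();
		$idSql=$this->sqlId();
		$pageSql=mysql_real_escape_string($pagename);
		
		$query="SELECT access_values.access_values_value FROM access_values WHERE access_values.people_id='" . $idSql . "' AND access_values.page_id='" . $pageSql . "'";
		$data=mysql_query($query);
		if(!$data) {
			return false;
		}
		if(mysql_num_rows($data)>0) {
			$data=mysql_fetch_array($data);
			return ($data['access_values_value']==1 ? true : false);
		}
		
		$query="SELECT people_group_access.people_group_access FROM `people_group_access` JOIN `people_group` ON people_group.people_group_id=people_group_access.people_group_id JOIN people_in_group ON people_in_group.people_group_id=people_group.people_group_id WHERE people_in_group.people_id='" . $idSql . "' AND people_group_access.page_id='" . $pageSql . "'";
		$data=mysql_query($query);
		if(!$data) {
			return false;
		}
		if(mysql_num_rows($data)>0) {
			$data=mysql_fetch_array($data);
			return ($data['people_group_access']==1 ? true : false);
		}
		
		$query="SELECT page.page_access FROM page WHERE page.page_id='" . $pageSql . "'";
		$data=mysql_query($query);
		if(!$data) {
			return false;
		}
		if(mysql_num_rows($data)>0) {
			$data=mysql_fetch_array($data);
			return ($data['page_access']==1 ? true : false);
		}
		
		return false;
	}
	/*
	public function canAccessPage_script($pagename) {
		connectToDB();
		$query="SELECT page.page_id FROM page WHERE page.page_script='" . mysql_real_escape_string($pagename) . "'";
		$data = mysql_query($query);
		if(mysql_num_rows($data)<1) {
			return false;
		}
		$data = mysql_fetch_array($data);
		return $this->canAccessPage_id($data['page_id']);
	}
	
	public function canAccessPage_name($pagename) {
		connectToDB();
		$query="SELECT page.page_id FROM page WHERE page.page_name='" . mysql_real_escape_string($pagename) . "'";
		$data = mysql_query($query);
		if(mysql_num_rows($data)<1) {
			return false;
		}
		$data = mysql_fetch_array($data);
		return $this->canAccessPage_id($data['page_id']);
	}
	*/
}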
